RE: Recipient-verifiable messages, was: forwarding an encrypted PGP message is useless

2002-05-29 22:51:17

moeller(_at_)cdc(_dot_)informatik(_dot_)tu-darmstadt(_dot_)de wrote:

Hal Finney <hal(_at_)finney(_dot_)org>:
Adam Back writes:

What we proposed is related.  Rather than the normal encrypted signed
message:

   Encrypt_Bob(K), Encrypt(K, Sign_Alice(Hash(msg)), msg)

we proposed:

   Encrypt_Bob(K), Encrypt(K, Sign_Alice(Hash(K||Bob_PK)), msg)

with the additional restriction that the encryption mode should be one
of the MDC modes (i.e. appended MAC with K outside encryption, or
appended hash of msg inside encryption).

What a wonderful solution. Hello everybody, we go ahead and change
the next version of the protocol to this. Ok?

Terje Bråten
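
The construction quoted above, as an added example that is not part of the original thread: it shows what the recipient checks when the signature covers Hash(K||Bob_PK) and the message is protected only by the MDC. Assumptions: a toy textbook RSA key stands in for Alice's signing key, HMAC-SHA256 keyed with K stands in for the "appended MAC with K", both encryption layers are omitted, and the public-key byte strings are constructed placeholders.

```python
import hashlib, hmac, os

# Toy textbook RSA key for Alice (constructed; Mersenne primes, no padding, NOT secure).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def h(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign_alice(k: bytes, recipient_pk: bytes) -> int:
    # Sign_Alice(Hash(K || Bob_PK)): covers session key and recipient key, not msg.
    return pow(h(k + recipient_pk), D, N)

def mdc(k: bytes, msg: bytes) -> bytes:
    # Assumed reading of "appended MAC with K": HMAC-SHA256 keyed with K.
    return hmac.new(k, msg, hashlib.sha256).digest()

def seal(k: bytes, recipient_pk: bytes, msg: bytes) -> dict:
    # What Alice places inside Encrypt(K, ...); both encryption layers are omitted here.
    return {"sig": sign_alice(k, recipient_pk), "msg": msg, "mdc": mdc(k, msg)}

def recipient_verify(k: bytes, my_pk: bytes, body: dict) -> bool:
    # The recipient checks the signature against its own public key and the MDC against K.
    sig_ok = pow(body["sig"], E, N) == h(k + my_pk)
    mdc_ok = hmac.compare_digest(body["mdc"], mdc(k, body["msg"]))
    return sig_ok and mdc_ok

def demo() -> dict:
    k = os.urandom(32)
    bob_pk, carol_pk = b"constructed-bob-pk", b"constructed-carol-pk"
    body = seal(k, bob_pk, b"meet at noon")
    altered = dict(body, msg=b"meet at nine")           # msg changed, MDC not recomputed
    rekeyed = dict(altered, mdc=mdc(k, altered["msg"]))  # MDC recomputed by a holder of K
    return {
        "bob_accepts": recipient_verify(k, bob_pk, body),
        # Same K and body handed to another recipient: signature names Bob_PK, so it fails.
        "other_recipient_accepts": recipient_verify(k, carol_pk, body),
        "altered_without_k_accepts": recipient_verify(k, bob_pk, altered),
        # Signature does not cover msg: only K vouches for it, so this proves nothing
        # about msg to anyone who does not trust the holder of K.
        "same_sig_other_msg_accepts": recipient_verify(k, bob_pk, rekeyed),
    }

if __name__ == "__main__":
    print(demo())
```

The last result is why the MDC restriction matters in this scheme: with the signature no longer over Hash(msg), the MDC under K is the only thing binding msg to Alice's signature.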

